head 1.9; access; symbols pkgsrc-2026Q2:1.7.0.2 pkgsrc-2026Q2-base:1.7 pkgsrc-2025Q2:1.2.0.2 pkgsrc-2025Q2-base:1.2 pkgsrc-2025Q1:1.1.0.2 pkgsrc-2025Q1-base:1.1; locks; strict; comment @ * @; 1.9 date 2026.07.08.13.42.32; author kikadf; state Exp; branches; next 1.8; commitid TrothZVUWCiZ0RMG; 1.8 date 2026.07.06.13.07.00; author kikadf; state Exp; branches; next 1.7; commitid 5JFQu3OxURxXTAMG; 1.7 date 2026.06.08.13.12.49; author kikadf; state Exp; branches; next 1.6; commitid Zzd0Bp9ZEsatPZIG; 1.6 date 2025.09.08.13.13.49; author kikadf; state dead; branches; next 1.5; commitid GiSj8cMm5BrSBU9G; 1.5 date 2025.08.13.07.44.33; author kikadf; state Exp; branches; next 1.4; commitid e9vibk03ttN7Dx6G; 1.4 date 2025.07.25.16.17.23; author kikadf; state Exp; branches; next 1.3; commitid hYvYS1Q7wSs6594G; 1.3 date 2025.07.07.09.23.39; author kikadf; state Exp; branches; next 1.2; commitid rbhlGn8onQ00nN1G; 1.2 date 2025.05.16.16.08.34; author wiz; state Exp; branches; next 1.1; commitid Y2DygAA6jkhRe9VF; 1.1 date 2025.02.06.09.58.31; author wiz; state Exp; branches; next ; commitid ItsQhJhMSErRpoIF; desc @@ 1.9 log @ chromium: update to 150.0.7871.100 This update doesn't include security fixes. A full list of changes in this build is available in https://chromium.googlesource.com/chromium/src/+log/150.0.7871.47..150.0.7871.101?pretty=fuller&n=10000 @ text @$NetBSD$ * Part of patchset to build chromium on NetBSD * Based on OpenBSD's chromium patches, and pkgsrc's qt5-qtwebengine patches --- ui/base/ui_base_features.h.orig 2026-07-06 22:58:46.000000000 +0000 +++ ui/base/ui_base_features.h @@@@ -142,7 +142,7 @@@@ COMPONENT_EXPORT(UI_BASE_FEATURES) BASE_DECLARE_FEATURE(kWaylandExternalBeginFrameSource); #endif // BUILDFLAG(IS_OZONE) -#if BUILDFLAG(IS_LINUX) +#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_BSD) COMPONENT_EXPORT(UI_BASE_FEATURES) BASE_DECLARE_FEATURE(kGlobalShortcutsPortalPreferredTrigger); #endif @ 1.8 log @ chromium: update to 150.0.7871.46 This update includes 433 security fixes. Please see the Chrome Security Page for more information. @ text @d7 1 a7 1 --- ui/base/ui_base_features.h.orig 2026-06-23 23:37:18.000000000 +0000 @ 1.7 log @ www/chromium: update to 149.0.7827.53 * 149.0.7827.53 This update includes 429 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. * Fix build with wayland support: add missing include @ text @d7 1 a7 1 --- ui/base/ui_base_features.h.orig 2026-05-28 23:24:11.000000000 +0000 d9 2 a10 2 @@@@ -134,7 +134,7 @@@@ COMPONENT_EXPORT(UI_BASE_FEATURES) BASE_DECLARE_FEATURE(kWaylandSessionManagement); @ 1.6 log @ www/chromium: update to 140.0.7339.80 * 140.0.7339.80 This update includes 6 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [NA][434513380] High CVE-2025-9864: Use after free in V8. Reported by Pavel Kuzmin of Yandex Security Team on 2025-07-28 [$5000][437147699] Medium CVE-2025-9865: Inappropriate implementation in Toolbar. Reported by Khalil Zhani on 2025-08-07 [$4000][379337758] Medium CVE-2025-9866: Inappropriate implementation in Extensions. Reported by NDevTK on 2024-11-16 [$1000][415496161] Medium CVE-2025-9867: Inappropriate implementation in Downloads. Reported by Farras Givari on 2025-05-04 @ text @d1 1 a1 1 $NetBSD: patch-ui_base_ui__base__features.h,v 1.5 2025/08/13 07:44:33 kikadf Exp $ d7 1 a7 1 --- ui/base/ui_base_features.h.orig 2025-07-29 22:51:44.000000000 +0000 d9 1 a9 1 @@@@ -129,7 +129,7 @@@@ COMPONENT_EXPORT(UI_BASE_FEATURES) d16 2 a17 2 BASE_DECLARE_FEATURE(kOverrideDefaultOzonePlatformHintToAuto); #endif // BUILDFLAG(IS_LINUX) @ 1.5 log @ www/chromium: update to 139.0.7258.66 * 139.0.7258.66 This update includes 12 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$2000][414760982] Medium CVE-2025-8576: Use after free in Extensions. Reported by asnine on 2025-04-30 [$1000][384050903] Medium CVE-2025-8577: Inappropriate implementation in Picture In Picture. Reported by Umar Farooq on 2024-12-14 [TBD][423387026] Medium CVE-2025-8578: Use after free in Cast. Reported by Fayez on 2025-06-09 [$10000][407791462] Low CVE-2025-8579: Inappropriate implementation in Gemini Live in Chrome. Reported by Alesandro Ortiz on 2025-04-02 [$2000][411544197] Low CVE-2025-8580: Inappropriate implementation in Filesystems. Reported by Huuuuu on 2025-04-18 [$2000][416942878] Low CVE-2025-8581: Inappropriate implementation in Extensions. Reported by Vincent Dragnea on 2025-05-11 [$1000][40089450] Low CVE-2025-8582: Insufficient validation of untrusted input in DOM. Reported by Anonymous on 2017-10-31 [$500][373794472] Low CVE-2025-8583: Inappropriate implementation in Permissions. Reported by Shaheen Fazim on 2024-10-16 @ text @d1 1 a1 1 $NetBSD$ @ 1.4 log @www/chromium: update to 138.0.7204.168 * 138.0.7204.157 This update includes 6 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$7000][425583995] High CVE-2025-7656: Integer overflow in V8. Reported by Shaheen Fazim on 2025-06-17 [NA][427162086] High CVE-2025-6558: Incorrect validation of untrusted input in ANGLE and GPU. Reported by Clément Lecigne and Vlad Stolyarov of Google's Threat Analysis Group on 2025-06-23 [TBD][427681143] High CVE-2025-7657: Use after free in WebRTC. Reported by jakebiles on 2025-06-25 Google is aware that an exploit for CVE-2025-6558 exists in the wild. * 138.0.7204.168 This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$8000][430344952] High CVE-2025-8010: Type Confusion in V8. Reported by Shaheen Fazim on 2025-07-09 [TBD][430572435] High CVE-2025-8011: Type Confusion in V8. Reported by Shaheen Fazim on 2025-07-09 @ text @d7 1 a7 1 --- ui/base/ui_base_features.h.orig 2025-07-21 19:32:31.000000000 +0000 @ 1.3 log @www/chromium: update to 138.0.7204.96 * Patchset changes: base/system/sys_info_netbsd.cc: fix SysInfo::AmountOfAvailablePhysicalMemoryImpl() v8/src/base/platform/platform-posix.cc: use pid instead of lid in OS::GetCurrentThreadIdInternal() * AudioIO: update to 138.0, apply changes from qt6-qtwebengine by Mark Davies * 137.0.7151.55 This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [TBD][411573532] High CVE-2025-5063: Use after free in Compositing. Reported by Anonymous on 2025-04-18 [TBD][417169470] High CVE-2025-5280: Out of bounds write in V8. Reported by [pwn2car] on 2025-05-12 [$4000][40058068] Medium CVE-2025-5064: Inappropriate implementation in Background Fetch API. Reported by Maurice Dauer on 2021-11-29 [$2000][40059071] Medium CVE-2025-5065: Inappropriate implementation in FileSystemAccess API. Reported by NDevTK on 2022-03-11 [$1000][356658477] Medium CVE-2025-5066: Inappropriate implementation in Messages. Reported by Mohit Raj (shadow2639) on 2024-07-31 [TBD][417215501] Medium CVE-2025-5281: Inappropriate implementation in BFCache. Reported by Jesper van den Ende (Pelican Party Studios) on 2025-05-12 [TBD][419467315] Medium CVE-2025-5283: Use after free in libvpx. Reported by Mozilla on 2025-05-22 [$500][40075024] Low CVE-2025-5067: Inappropriate implementation in Tab Strip. Reported by Khalil Zhani on 2023-10-17 As usual, our ongoing internal security work was responsible for a wide range of fixes: [419294325] Various fixes from internal audits, fuzzing and other initiatives * 137.0.7151.68 This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [N/A][420636529] High CVE-2025-5419: Out of bounds read and write in V8. Reported by Clement Lecigne and Benoît Sevens of Google Threat Analysis Group on 2025-05-27. This issue was mitigated on 2025-05-28 by a configuration change pushed out to Stable across all Chrome platforms. [$1000][409059706] Medium CVE-2025-5068: Use after free in Blink. Reported by Walkman on 2025-04-07 Google is aware that an exploit for CVE-2025-5419 exists in the wild. * 137.0.7151.103 This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$8000][420150619] High CVE-2025-5958: Use after free in Media. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2025-05-25 [NA][422313191] High CVE-2025-5959: Type Confusion in V8. Reported by Seunghyun Lee as part of TyphoonPWN 2025 on 2025-06-04 * 137.0.7151.119 This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$7000][420697404] High CVE-2025-6191: Integer overflow in V8. Reported by Shaheen Fazim on 2025-05-27 [$4000][421471016] High CVE-2025-6192: Use after free in Profiler. Reported by Chaoyuan Peng (@@ret2happy) on 2025-05-31 * 138.0.7204.49 This update includes 11 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$4000][407328533] Medium CVE-2025-6555: Use after free in Animation. Reported by Lyra Rebane (rebane2001) on 2025-03-30 [$1000][40062462] Low CVE-2025-6556: Insufficient policy enforcement in Loader. Reported by Shaheen Fazim on 2023-01-02 [$1000][406631048] Low CVE-2025-6557: Insufficient data validation in DevTools. Reported by Ameen Basha M K on 2025-03-27 * 138.0.7204.96 This update includes 1 security fix. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [NA][427663123] High CVE-2025-6554: Type Confusion in V8. Reported by Clément Lecigne of Google's Threat Analysis Group on 2025-06-25. This issue was mitigated on 2025-06-26 by a configuration change pushed out to Stable channel across all platforms. Google is aware that an exploit for CVE-2025-6554 exists in the wild. @ text @d7 1 a7 1 --- ui/base/ui_base_features.h.orig 2025-06-30 06:54:11.000000000 +0000 @ 1.2 log @www/chromium: update to 136.0.7103.113 Provided by Robert Bagdan in wip. * 131.0.6778.264 This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$55000][383356864] High CVE-2025-0291: Type Confusion in V8. Reported by Popax21 on 2024-12-11 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. As usual, our ongoing internal security work was responsible for a wide range of fixes: [388088544] Various fixes from internal audits, fuzzing and other initiatives * 132.0.6834.83 This update includes 16 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$7000][374627491] High CVE-2025-0434: Out of bounds memory access in V8. Reported by ddme on 2024-10-21 [$7000][379652406] High CVE-2025-0435: Inappropriate implementation in Navigation. Reported by Alesandro Ortiz on 2024-11-18 [$3000][382786791] High CVE-2025-0436: Integer overflow in Skia. Reported by Han Zheng (HexHive) on 2024-12-08 [$2000][378623799] High CVE-2025-0437: Out of bounds read in Metrics. Reported by Xiantong Hou of Wuheng Lab and Pisanbao on 2024-11-12 [TBD][384186539] High CVE-2025-0438: Stack buffer overflow in Tracing. Reported by Han Zheng (HexHive) on 2024-12-15 [$5000][371247941] Medium CVE-2025-0439: Race in Frames. Reported by Hafiizh on 2024-10-03 [$5000][40067914] Medium CVE-2025-0440: Inappropriate implementation in Fullscreen. Reported by Umar Farooq on 2023-07-22 [$2000][368628042] Medium CVE-2025-0441: Inappropriate implementation in Fenced Frames. Reported by someoneverycurious on 2024-09-21 [$2000][40940854] Medium CVE-2025-0442: Inappropriate implementation in Payments. Reported by Ahmed ElMasry on 2023-11-08 [$1000][376625003] Medium CVE-2025-0443: Insufficient data validation in Extensions. Reported by Anonymous on 2024-10-31 [$1000][359949844] Low CVE-2025-0446: Inappropriate implementation in Extensions. Reported by Hafiizh on 2024-08-15 [$1000][375550814] Low CVE-2025-0447: Inappropriate implementation in Navigation. Reported by Khiem Tran (@@duckhiem) on 2024-10-25 [$1000][377948403] Low CVE-2025-0448: Inappropriate implementation in Compositing. Reported by Dahyeon Park on 2024-11-08 We would also like to thank all security researchers that worked with us during the development cycle to prevent security bugs from ever reaching the stable channel. As usual, our ongoing internal security work was responsible for a wide range of fixes: [389761478] Various fixes from internal audits, fuzzing and other initiatives * 132.0.6834.110 This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$11000][386143468] High CVE-2025-0611: Object corruption in V8. Reported by 303f06e3 on 2024-12-26 [$8000][385155406] High CVE-2025-0612: Out of bounds memory access in V8. Reported by Alan Goodman on 2024-12-20 As usual, our ongoing internal security work was responsible for a wide range of fixes: [391144311] Various fixes from internal audits, fuzzing and other initiatives * 132.0.6834.159 This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$2000][384844003] Medium CVE-2025-0762: Use after free in DevTools. Reported by Sakana.S on 2024-12-18 As usual, our ongoing internal security work was responsible for a wide range of fixes: [392630675] Various fixes from internal audits, fuzzing and other initiatives * 133.0.6943.53 This update includes 12 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$7000][390889644] High CVE-2025-0444: Use after free in Skia. Reported by Francisco Alonso (@@revskills) on 2025-01-19 [TBD][392521083] High CVE-2025-0445: Use after free in V8. Reported by 303f06e3 on 2025-01-27 [$2000][40061026] Medium CVE-2025-0451: Inappropriate implementation in Extensions API. Reported by Vitor Torres and Alesandro Ortiz on 2022-09-18 As usual, our ongoing internal security work was responsible for a wide range of fixes: [394135363] Various fixes from internal audits, fuzzing and other initiatives * 133.0.6943.98 This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$55000][391907159] High CVE-2025-0995: Use after free in V8. Reported by Popax21 on 2025-01-24 [TBD][391788835] High CVE-2025-0996: Inappropriate implementation in Browser UI. Reported by yuki yamaoto on 2025-01-23 [TBD][391666328] High CVE-2025-0997: Use after free in Navigation. Reported by asnine on 2025-01-23 [TBD][386857213] High CVE-2025-0998: Out of bounds memory access in V8. Reported by Alan Goodman on 2024-12-31 * 133.0.6943.126 This update includes 3 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$11000][394350433] High CVE-2025-0999: Heap buffer overflow in V8. Reported by Seunghyun Lee (@@0x10n) on 2025-02-04 [TBD][383465163] High CVE-2025-1426: Heap buffer overflow in GPU. Reported by un3xploitable && GF on 2024-12-11 [$4000][390590778] Medium CVE-2025-1006: Use after free in Network. Reported by Tal Keren, Sam Agranat, Eran Rom, Edouard Bochin, Adam Hatsir of Palo Alto Networks on 2025-01-18 * 133.0.6943.141 This update includes 1 security fix. Please see the Chrome Security Page for more information. As usual, our ongoing internal security work was responsible for a wide range of fixes: [399107077]Various fixes from internal audits, fuzzing and other initiatives * 134.0.6998.35 This update includes 14 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$7000][397731718] High CVE-2025-1914: Out of bounds read in V8. Reported by Zhenghang Xiao (@@Kipreyyy) and Nan Wang (@@eternalsakura13) on 2025-02-20 [$4000][391114799] Medium CVE-2025-1915: Improper Limitation of a Pathname to a Restricted Directory in DevTools. Reported by Topi Lassila on 2025-01-20 [$3000][376493203] Medium CVE-2025-1916: Use after free in Profiles. Reported by parkminchan, SSD Labs Korea on 2024-10-31 [$2000][329476341] Medium CVE-2025-1917: Inappropriate Implementation in Browser UI. Reported by Khalil Zhani on 2024-03-14 [$2000][388557904] Medium CVE-2025-1918: Out of bounds read in PDFium. AReported by asnine on 2025-01-09 [$2000][392375312] Medium CVE-2025-1919: Out of bounds read in Media. Reported by @@Bl1nnnk and @@Pisanbao on 2025-01-26 [$1000][387583503] Medium CVE-2025-1921: Inappropriate Implementation in Media Stream. Reported by Kaiido on 2025-01-04 [$5000][384033062] Low CVE-2025-1922: Inappropriate Implementation in Selection. Reported by Alesandro Ortiz on 2024-12-14 [$1000][382540635] Low CVE-2025-1923: Inappropriate Implementation in Permission Prompts. Reported by Khalil Zhani on 2024-12-06 As usual, our ongoing internal security work was responsible for a wide range of fixes: [400559715] Various fixes from internal audits, fuzzing and other initiatives * 134.0.6998.88 This update includes 5 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$7000][398065918] High CVE-2025-1920: Type Confusion in V8. Reported by Excello s.r.o. on 2025-02-21 [TBD][400052777] High CVE-2025-2135: Type Confusion in V8. Reported by Zhenghang Xiao (@@Kipreyyy) and Nan Wang (@@eternalsakura13) on 2025-03-02 [NA][401059730] High CVE-2025-24201: Out of bounds write in GPU on Mac. Reported by Apple Security Engineering and Architecture (SEAR) on 2025-03-05 [$3000][395032416] Medium CVE-2025-2136: Use after free in Inspector. Reported by Sakana.S on 2025-02-10 [$2000][398999390] Medium CVE-2025-2137: Out of bounds read in V8. Reported by zeroxiaobai@@ on 2025-02-25 Google is aware of reports that an exploit for CVE-2025-24201 exists in the wild. * 134.0.6998.117 This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [TBD][401029609] Critical CVE-2025-2476: Use after free in Lens. Reported by SungKwon Lee of Enki Whitehat on 2025-03-05 As usual, our ongoing internal security work was responsible for a wide range of fixes: [404324707] Various fixes from internal audits, fuzzing and other initiatives * 134.0.6998.165 This update doesn't include security fix. * 135.0.7049.52 This update includes 13 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$10000][376491759] Medium CVE-2025-3067: Inappropriate implementation in Custom Tabs. Reported by Philipp Beer (TU Wien) on 2024-10-31 [$2000][401823929] Medium CVE-2025-3068: Inappropriate implementation in Intents. Reported by Simon Rawet on 2025-03-09 [$1000][40060076] Medium CVE-2025-3069: Inappropriate implementation in Extensions. Reported by NDevTK on 2022-06-26 [$1000][40086360] Medium CVE-2025-3070: Insufficient validation of untrusted input in Extensions. Reported by Anonymous on 2017-01-01 [$2000][40051596] Low CVE-2025-3071: Inappropriate implementation in Navigations. Reported by David Erceg on 2020-02-23 [$1000][362545037] Low CVE-2025-3072: Inappropriate implementation in Custom Tabs. Reported by Om Apip on 2024-08-27 [$500][388680893] Low CVE-2025-3073: Inappropriate implementation in Autofill. Reported by Hafiizh on 2025-01-09 [$500][392818696] Low CVE-2025-3074: Inappropriate implementation in Downloads. Reported by Farras Givari on 2025-01-28 As usual, our ongoing internal security work was responsible for a wide range of fixes: [407621901]Various fixes from internal audits, fuzzing and other initiatives * 135.0.7049.84 This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$4000][405140652] High CVE-2025-3066: Use after free in Site Isolation. Reported by Sven Dysthe (@@svn-dys) on 2025-03-21 As usual, our ongoing internal security work was responsible for a wide range of fixes: [409114118] Various fixes from internal audits, fuzzing and other initiatives * 135.0.7049.95 This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [TBD][409619251] Critical CVE-2025-3619: Heap buffer overflow in Codecs. Reported by Elias Hohl on 2025-04-09 [TBD][405292639] High CVE-2025-3620: Use after free in USB. Reported by @@retsew0x01 on 2025-03-21 * 135.0.7049.114 This update includes 1 security fix. Please see the Chrome Security Page for more information. Our ongoing internal security work was responsible for a wide range of fixes: [412443038] Various fixes from internal audits, fuzzing and other initiatives * 136.0.7103.59 This update includes 8 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$5000][409911705] High CVE-2025-4096: Heap buffer overflow in HTML. Reported by Anonymous on 2025-04-11 [$2000][409342999] Medium CVE-2025-4050: Out of bounds memory access in DevTools. Reported by Anonymous on 2025-04-09 [$2000][404000989] Medium CVE-2025-4051: Insufficient data validation in DevTools. Reported by Daniel Fröjdendahl on 2025-03-16 [$1000][401927528] Low CVE-2025-4052: Inappropriate implementation in DevTools. Reported by vanillawebdev on 2025-03-10 As usual, our ongoing internal security work was responsible for a wide range of fixes: [414433561]Various fixes from internal audits, fuzzing and other initiatives * 136.0.7103.92 This update includes 2 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [$7000][412057896] Medium CVE-2025-4372: Use after free in WebAudio. Reported by Huang Xilin of Ant Group Light-Year Security Lab on 2025-04-20 As usual, our ongoing internal security work was responsible for a wide range of fixes: [415837391] Various fixes from internal audits, fuzzing and other initiatives * 136.0.7103.113 This update includes 4 security fixes. Below, we highlight fixes that were contributed by external researchers. Please see the Chrome Security Page for more information. [N/A][415810136] High CVE-2025-4664: Insufficient policy enforcement in Loader. Source: X post from @@slonser_ on 2025-05-05 [TBD][412578726] High CVE-2025-4609: Incorrect handle provided in unspecified circumstances in Mojo. Reported by Micky on 2025-04-22 Google is aware of reports that an exploit for CVE-2025-4664 exists in the wild. As usual, our ongoing internal security work was responsible for a wide range of fixes: [417268830] Various fixes from internal audits, fuzzing and other initiatives @ text @d7 1 a7 1 --- ui/base/ui_base_features.h.orig 2025-05-05 19:21:24.000000000 +0000 d9 1 a9 1 @@@@ -126,7 +126,7 @@@@ COMPONENT_EXPORT(UI_BASE_FEATURES) @ 1.1 log @www/chromium: import chromium-131.0.6778.204nb1 Packaged by Robert Bagdan in wip. Thank you! Chromium is an open-source browser project that aims to build a safer, faster, and more stable way for all Internet users to experience the web. @ text @d7 1 a7 1 --- ui/base/ui_base_features.h.orig 2024-12-17 17:58:49.000000000 +0000 d9 2 a10 2 @@@@ -148,7 +148,7 @@@@ COMPONENT_EXPORT(UI_BASE_FEATURES) BASE_DECLARE_FEATURE(kWaylandUiScale); @